The Security Bug Every Node.js Developer Ships to Production

Last year I was doing a code review for a startup. Everything looked fine on the surface,, clean code, good structure, tests passing. Then I noticed this: const query = `SELECT * FROM users WHERE emai